This invention relates to smart cards in general, and in particular to an improved smart card architecture with improved operational capability.
Smart cards are currently known and generally comprise a card-shaped data token having active system elements incorporated within the card structure for enabling interactive use of the card with a wide variety of data processing systems, such as credit card charging systems which enable point-of-sale purchase transactions, debit card systems, fare collection systems for public transportation, secure access facilities, and any application which requires a data token capable of interacting with a data processing system. Smart cards have two basic configurations-one requiring direct, positive contact with the card reading device (such as those cards using ohmic contacts), and another requiring only proximity to the card reading device(such as those cards using inductive or capacitive transfer elements). Both configurations typically incorporate within the physical card structure several basic elements required for a properly functioning device. These elements include an input/output data transfer circuit, a local data processor, some type of non-volatile memory for storing data within the card between periods of active use and for storing some form of program to enable the card to function with the external data processing system, and a power transfer circuit. For direct contact smart cards, the input/output data transfer circuit and the power transfer circuit typically employ ohmic contacts which enable DC power supplied by the card reader unit to be transferred to the elements within the card and provide a data transfer path. For contactless smart cards, the input/output data transfer circuit and the power transfer circuit typically employ an r.f. energy receiving circuit, which includes circuitry for converting energy received from an outside source in r.f. form to usable DC form. The r.f. energy receiving circuit typically includes an inductor which is also used to provide a data transfer path. A survey of present smart card technology is set forth in a publication entitled xe2x80x9cAbout Smart Cardsxe2x80x9d available from Racom Systems, Inc. The disclosure of this publication is hereby incorporated by reference. Smart cards have been proposed which incorporate an authentication mechanism for preventing use of the card by all but the authorized user. The most secure authentication mechanism proposed to date employs a print reader and associated circuitry within the card itself which can read the unique fingerprint or the thumbprint of the user, compare the read print with a stored version known to be genuine, and permit use of the card for a transaction if the two versions match. A description of such a secure smart card can be found in U.S. Pat. No. 5,473,144 issued Dec. 5, 1995 for xe2x80x9cCREDIT CARD WITH DIGITIZED FINGER PRINT AND READING APPARATUSxe2x80x9d and U.S. Pat. No. 5,180,901 for xe2x80x9cIC CARD WITH INDIVIDUAL AUTHENTICATION FUNCTIONxe2x80x9d, the disclosures of which are hereby incorporated by reference
In known smart cards of this type using direct contact between the card and the reader apparatus, the card must be inserted into a slot (such as slot 18 in the ""144 device) and the finger or thumb of the user must be pressed against a support surface (such as scanning screen 20 in the ""144 device) in order to perform the authentication procedure. In the smart card apparatus shown in the ""901 patent, which also appears to employ direct contact, the card must be placed on a firm support surface in order to permit the user""s finger to press firmly against the fingerprint sensor areas 1 and 3 in order to permit the authentication process to proceed correctly.
While the above arrangements are well-suited for direct contact applications, which inherently require that the smart card remain stationary for some period of time in the card reader, problems are encountered when this arrangement is attempted to be applied to contactless smart cards. The primary advantage of a contactless smart card lies in the fact that the card may be read on-the-fly without the need for the user to stop at the card reader station, insert the card into a card reader, wait for the authentication procedure to complete, and then withdraw the card from the reader. Rather, in a contactless card installation, the user merely places the card in the proximity of the reader, typically while continuing to advance in the direction of the secured portal (e.g. a transit system turnstile, or an automatic security gate or door), and the authentication process proceeds while the user advances. If the authorization process is successful, the user passes through the secured portal without the need to pause during the process. This advantage is especially significant in high traffic applications, in which the desired result is a combination of secured access and continuous traffic flow at the normal rate. Known smart card systems which employ fingerprint verification do afford a high degree of secure access: however, such systems suffer from the disadvantage of requiring a pause in the flow of traffic while the user""s print is being checked for authenticity.
The invention comprises a smart card which incorporates print verification into a physical card structure which allows the user""s personal print to be read without the need for any stationary reading surface element so that the card may be used on-the-fly to control access to a secure portal.
In a broadest aspect, the invention comprises a physical card structure having a print registration area located on a surface of the card, means for enabling the user to grip the card to press the finger or thumb print into enabling registration with the print registration area, and electronic circuitry located within the card for converting the physical print information presented to the print registration area into electric print signals for performing an authenticity check of the user""s personal print.
The enabling means preferably comprises sensor portions on the card surface which are positioned in locations at which the print portions of the thumb or finger are naturally located when the card is gripped by the user so that firm contact is automatically established and reliable signals can be generated whenever the user grasps the card in the proper manner.
The electronic circuitry comprises circuit components for performing the print authentication check process entirely within the card itself and for transmitting a pass/no-pass signal to the security check point. The circuitry includes a non-volatile memory for storing authentic versions of the prints of the authorized user, and a processor for comparing these known versions with current print signals generated by the print sensor. An r.f. transfer circuit provides a data transfer path between the card and any external device, and also enables the transfer of r.f. energy from an external source to the circuit elements within the card.
The invention affords the relatively high security associated with personal print verification without impeding traffic flow through the security check point.
For a fuller understanding of the nature and advantages of the invention, reference should be made to the ensuing detailed description taken in conjunction with the accompanying drawings.